Thrown in the small house rather than the big house

An Equifax executive – who knew the biz had been hacked before it was made public and banked over $75,000 in stock trades using this inside knowledge – has avoided jail.

Sudhakar Reddy Bonthu, formerly a software product development manager for Equifax’s Global Consumer Services team, admitted to learning that hackers have made off with the personal records of 46 million people in August 2017, and days later exploited that information in share trades.

The 44-year-old was sentenced by a US federal district court in Georgia this week to eight months of home confinement, fined $50,000, and made to give back his ill-gotten gains.

Bonthu, of Atlanta, had been asked to develop an online portal where people could check if their data had been swiped by miscreants from an unnamed company, but he figured out it was his employer that had been ransacked by cyber-crooks. He was told the announcement about the security breach would be made on September 6, and decided to see if he couldn't turn a quick buck from this insider info.

Bonthu confessed to buying put options on Equifax stock on September 1, something he knew to be dodgy because Equifax forbids its employees from buying options on corporate stock. Two weeks later, when he sold the options after details of the hack were disclosed to the public, the falling stock price had netted him more than $75,000 in profit.

Equifax reveals full horror of that monstrous cyber-heist of its servers

“Bonthu intentionally took advantage of information entrusted to him in order to make a quick profit,” said US Attorney Byung Pak. “The integrity of the stock markets and the confidence of investors are impaired by those who use nonpublic information for personal gain.”

Almost as soon as the announcement of the cyber-heist was made, there were rumors of insider trading. The firm's chief financial officer and three others in senior management sold $1.8m in shares shortly before the disclosure, although Equifax said an internal investigation showed that there was no collusion or insider trading on their part.

The US Department of Justice is also probing the matter, and charges have been brought against Jun Ying, CIO of the US information solutions unit at Equifax, accusing him of dumping nearly a million dollars worth of stock just before the announcement.

“If we don’t hold company insiders to the same rules that govern regular investors, the public’s confidence in the stock market erodes,” said Chris Hacker, special agent in charge of FBI Atlanta. “The FBI will do everything in its power to hold accountable those who choose to take advantage of their inside knowledge.” ®